package gateway

import (
	"fmt"
	"net"
	"strconv"

	. "github.com/onsi/ginkgo/v2"
	. "github.com/onsi/gomega"

	. "github.com/kumahq/kuma/test/framework"
	"github.com/kumahq/kuma/test/framework/deployments/democlient"
	"github.com/kumahq/kuma/test/framework/deployments/testserver"
	"github.com/kumahq/kuma/test/framework/envs/kubernetes"
)

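// CrossMeshGatewayOnKubernetes registers the end-to-end specs for cross-mesh
// gateways on Kubernetes.
//
// The shared setup installs two meshes through MTLSMeshKubernetes, one echo
// server per mesh, and three demo clients: one in the gateway's mesh, one in
// the other mesh, and one in a namespace created without sidecar injection.
// The specs check that the cross-mesh gateway answers clients from both
// meshes, that the client without a sidecar is refused, and that a regular
// gateway in the other mesh keeps working next to it.
func CrossMeshGatewayOnKubernetes() {
	const (
		gatewayClientNamespaceOtherMesh = "cross-mesh-kuma-client-other"
		gatewayClientNamespaceSameMesh  = "cross-mesh-kuma-client"
		gatewayTestNamespace            = "cross-mesh-kuma-test"
		gatewayTestNamespace2           = "cross-mesh-kuma-test2"
		gatewayClientOutsideMesh        = "cross-mesh-kuma-client-outside"

		crossMeshHostname = "gateway.mesh"

		crossMeshGatewayName = "cross-mesh-gateway"
		edgeGatewayName      = "cross-mesh-edge-gateway"

		gatewayMesh      = "cross-mesh-gateway"
		gatewayOtherMesh = "cross-mesh-other"

		crossMeshGatewayPort = 9080
		edgeGatewayPort      = 9081
	)

	// Address that mesh clients use for the cross-mesh listener. It only
	// depends on constants, so it is built once instead of in every spec.
	crossMeshGatewayAddr := net.JoinHostPort(crossMeshHostname, strconv.Itoa(crossMeshGatewayPort))

	// echoServerName returns the name of the echo server deployed for mesh.
	echoServerName := func(mesh string) string {
		return fmt.Sprintf("echo-server-%s", mesh)
	}
	// echoServerService returns the service value for that echo server in
	// namespace, in the "<name>_<namespace>_svc_80" form.
	echoServerService := func(mesh, namespace string) string {
		return fmt.Sprintf("%s_%s_svc_80", echoServerName(mesh), namespace)
	}

	// echoServerApp installs an echo server for mesh in the test namespace.
	// The instance argument is the mesh name, so a response identifies which
	// mesh's server produced it.
	echoServerApp := func(mesh string) InstallFunc {
		return testserver.Install(
			testserver.WithMesh(mesh),
			testserver.WithName(echoServerName(mesh)),
			testserver.WithNamespace(gatewayTestNamespace),
			testserver.WithEchoArgs("echo", "--instance", mesh),
		)
	}

	BeforeAll(func() {
		setup := NewClusterSetup().
			Install(MTLSMeshKubernetes(gatewayMesh)).
			Install(MTLSMeshKubernetes(gatewayOtherMesh)).
			Install(MeshTrafficPermissionAllowAllKubernetes(gatewayMesh)).
			Install(MeshTrafficPermissionAllowAllKubernetes(gatewayOtherMesh)).
			Install(NamespaceWithSidecarInjection(gatewayTestNamespace)).
			Install(NamespaceWithSidecarInjection(gatewayTestNamespace2)).
			Install(NamespaceWithSidecarInjection(gatewayClientNamespaceOtherMesh)).
			Install(NamespaceWithSidecarInjection(gatewayClientNamespaceSameMesh)).
			// Plain Namespace, unlike the ones above: no sidecar injection here.
			Install(Namespace(gatewayClientOutsideMesh)).
			Install(echoServerApp(gatewayMesh)).
			Install(echoServerApp(gatewayOtherMesh)).
			Install(democlient.Install(democlient.WithNamespace(gatewayClientNamespaceOtherMesh), democlient.WithMesh(gatewayOtherMesh))).
			Install(democlient.Install(democlient.WithNamespace(gatewayClientNamespaceSameMesh), democlient.WithMesh(gatewayMesh))).
			Install(democlient.Install(democlient.WithNamespace(gatewayClientOutsideMesh), democlient.WithMesh(gatewayMesh))) // this will not be in the mesh

		Expect(setup.Setup(kubernetes.Cluster)).To(Succeed())
	})

	E2EAfterAll(func() {
		Expect(kubernetes.Cluster.TriggerDeleteNamespace(gatewayClientNamespaceOtherMesh)).To(Succeed())
		Expect(kubernetes.Cluster.TriggerDeleteNamespace(gatewayClientNamespaceSameMesh)).To(Succeed())
		Expect(kubernetes.Cluster.TriggerDeleteNamespace(gatewayClientOutsideMesh)).To(Succeed())
		Expect(kubernetes.Cluster.TriggerDeleteNamespace(gatewayTestNamespace)).To(Succeed())
		Expect(kubernetes.Cluster.TriggerDeleteNamespace(gatewayTestNamespace2)).To(Succeed())
		Expect(kubernetes.Cluster.DeleteMesh(gatewayMesh)).To(Succeed())
		Expect(kubernetes.Cluster.DeleteMesh(gatewayOtherMesh)).To(Succeed())
	})

	Context("when mTLS is enabled", func() {
		// mkGateway and gatewayAddress are defined elsewhere in the package.
		// The boolean argument is presumably the cross-mesh switch: true for
		// the gateway under test, false for the edge gateway (confirm against
		// mkGateway).
		crossMeshGatewayYaml := mkGateway(
			crossMeshGatewayName, crossMeshGatewayName, gatewayMesh, true, crossMeshHostname, echoServerService(gatewayMesh, gatewayTestNamespace), crossMeshGatewayPort,
		)
		crossMeshGatewayInstanceYaml := MkGatewayInstance(crossMeshGatewayName, gatewayTestNamespace, gatewayMesh)
		edgeGatewayYaml := mkGateway(
			edgeGatewayName, edgeGatewayName, gatewayOtherMesh, false, "", echoServerService(gatewayOtherMesh, gatewayTestNamespace), edgeGatewayPort,
		)
		edgeGatewayInstanceYaml := MkGatewayInstance(
			edgeGatewayName, gatewayTestNamespace, gatewayOtherMesh,
		)

		BeforeAll(func() {
			setup := NewClusterSetup().
				Install(YamlK8s(crossMeshGatewayYaml)).
				Install(YamlK8s(crossMeshGatewayInstanceYaml)).
				Install(YamlK8s(edgeGatewayYaml)).
				Install(YamlK8s(edgeGatewayInstanceYaml))
			Expect(setup.Setup(kubernetes.Cluster)).To(Succeed())
		})
		E2EAfterAll(func() {
			setup := NewClusterSetup().
				Install(DeleteYamlK8s(crossMeshGatewayYaml)).
				Install(DeleteYamlK8s(crossMeshGatewayInstanceYaml)).
				Install(DeleteYamlK8s(edgeGatewayYaml)).
				Install(DeleteYamlK8s(edgeGatewayInstanceYaml))
			Expect(setup.Setup(kubernetes.Cluster)).To(Succeed())
		})

		It("should proxy HTTP requests from a different mesh", func() {
			Eventually(SuccessfullyProxyRequestToGateway(
				kubernetes.Cluster, gatewayMesh,
				crossMeshGatewayAddr,
				gatewayClientNamespaceOtherMesh,
			), "1m", "1s").Should(Succeed())
		})

		It("should proxy HTTP requests from the same mesh", func() {
			Eventually(SuccessfullyProxyRequestToGateway(
				kubernetes.Cluster, gatewayMesh,
				crossMeshGatewayAddr,
				gatewayClientNamespaceSameMesh,
			), "1m", "1s").Should(Succeed())
		})

		// Access-control check: the client in gatewayClientOutsideMesh has no
		// sidecar, so it must not get through the cross-mesh listener. The
		// request goes to the address built by gatewayAddress rather than to
		// crossMeshHostname. Consistently requires the failure check to pass
		// on every poll for the whole minute, so a single successful request
		// fails the spec.
		It("doesn't allow HTTP requests from outside the mesh", func() {
			gatewayAddr := gatewayAddress(crossMeshGatewayName, gatewayTestNamespace, crossMeshGatewayPort)
			Consistently(FailToProxyRequestToGateway(
				kubernetes.Cluster,
				gatewayAddr,
				gatewayClientOutsideMesh,
			), "1m", "1s").Should(Succeed())
		})

		It("HTTP requests to a non-crossMesh gateway should still be proxied", func() {
			gatewayAddr := gatewayAddress(edgeGatewayName, gatewayTestNamespace, edgeGatewayPort)
			Eventually(SuccessfullyProxyRequestToGateway(
				kubernetes.Cluster, gatewayOtherMesh,
				gatewayAddr,
				gatewayClientNamespaceOtherMesh,
			)).Should(Succeed())
		})

		It("doesn't break when two cross-mesh gateways exist with the same service value", func() {
			const gatewayMesh2 = "cross-mesh-gateway2"
			crossMeshGatewayYaml2 := mkGateway(
				crossMeshGatewayName+"2", crossMeshGatewayName, gatewayMesh2, true, "gateway2.mesh", echoServerService(gatewayMesh2, gatewayTestNamespace), crossMeshGatewayPort,
			)
			crossMeshGatewayInstanceYaml2 := MkGatewayInstance(crossMeshGatewayName, gatewayTestNamespace2, gatewayMesh2)

			setup := NewClusterSetup().
				Install(MTLSMeshKubernetes(gatewayMesh2)).
				Install(MeshTrafficPermissionAllowAllKubernetes(gatewayMesh2)).
				Install(YamlK8s(crossMeshGatewayYaml2)).
				Install(YamlK8s(crossMeshGatewayInstanceYaml2))
			Expect(setup.Setup(kubernetes.Cluster)).To(Succeed())

			// Double negative on purpose: the "fail to proxy" check must never
			// pass during the 30s window, i.e. the first gateway keeps serving
			// the other-mesh client while the second gateway exists.
			Consistently(FailToProxyRequestToGateway(
				kubernetes.Cluster,
				crossMeshGatewayAddr,
				gatewayClientNamespaceOtherMesh,
			), "30s", "1s").ShouldNot(Succeed())

			// NOTE(review): this cleanup is inline, so it is skipped when an
			// assertion above fails and the gatewayMesh2 resources stay in the
			// cluster. Confirm whether that is intended before moving it into
			// a cleanup hook.
			setup = NewClusterSetup().
				Install(DeleteYamlK8s(crossMeshGatewayYaml2)).
				Install(DeleteYamlK8s(crossMeshGatewayInstanceYaml2))
			Expect(setup.Setup(kubernetes.Cluster)).To(Succeed())
			Expect(kubernetes.Cluster.DeleteMesh(gatewayMesh2)).To(Succeed())
		})
	})

	// NOTE(review): this context only has a positive spec. The rejection of
	// the client outside the mesh is exercised for the MeshGateway resources
	// above but not for the Gateway API path.
	Context("with Gateway API", func() {
		const gatewayClass = `
apiVersion: gateway.networking.k8s.io/v1beta1
kind: GatewayClass
metadata:
  name: kuma-cross-mesh
spec:
  controllerName: "gateways.kuma.io/controller"
  parametersRef:
    group: kuma.io
    kind: MeshGatewayConfig
    name: default-cross-mesh
`
		const meshGatewayConfig = `
apiVersion: kuma.io/v1alpha1
kind: MeshGatewayConfig
metadata:
  name: default-cross-mesh
spec:
  crossMesh: true
`
		gateway := fmt.Sprintf(`
apiVersion: gateway.networking.k8s.io/v1beta1
kind: Gateway
metadata:
  name: %s
  namespace: %s
  annotations:
    kuma.io/mesh: %s
spec:
  gatewayClassName: kuma-cross-mesh
  listeners:
  - name: proxy
    port: %d
    hostname: %s
    protocol: HTTP
`, crossMeshGatewayName, gatewayTestNamespace, gatewayMesh, crossMeshGatewayPort, crossMeshHostname)
		route := fmt.Sprintf(`
apiVersion: gateway.networking.k8s.io/v1beta1
kind: HTTPRoute
metadata:
  name: %s
  namespace: %s
  annotations:
    kuma.io/mesh: %s
spec:
  parentRefs:
  - name: %s
  rules:
  - backendRefs:
    - name: %s
      port: 80
    matches:
    - path:
        type: PathPrefix
        value: /
`, crossMeshGatewayName, gatewayTestNamespace, gatewayMesh, crossMeshGatewayName, echoServerName(gatewayMesh))
		BeforeAll(func() {
			setup := NewClusterSetup().
				Install(YamlK8s(meshGatewayConfig)).
				Install(YamlK8s(gatewayClass)).
				Install(YamlK8s(gateway)).
				Install(YamlK8s(route))
			Expect(setup.Setup(kubernetes.Cluster)).To(Succeed())
		})
		E2EAfterAll(func() {
			// The GatewayClass and MeshGatewayConfig manifests set no
			// namespace, so deleting the test namespaces in the outer teardown
			// does not remove them. Delete them here, after the Gateway that
			// references the class, so a crossMesh-enabled class is not left
			// behind for later suites on the same cluster.
			setup := NewClusterSetup().
				Install(DeleteYamlK8s(gateway)).
				Install(DeleteYamlK8s(route)).
				Install(DeleteYamlK8s(gatewayClass)).
				Install(DeleteYamlK8s(meshGatewayConfig))
			Expect(setup.Setup(kubernetes.Cluster)).To(Succeed())
		})
		It("should proxy HTTP requests from a different mesh", func() {
			Eventually(SuccessfullyProxyRequestToGateway(
				kubernetes.Cluster, gatewayMesh,
				crossMeshGatewayAddr,
				gatewayClientNamespaceOtherMesh,
			), "1m", "1s").Should(Succeed())
		})
	})
}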